package com.boot.web;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author Chunsheng.Zhang
 * @date 2021/4/16 11:19
 * @description : TODO
 */
@RestController
@RequestMapping("/user")
public class UserController {



    //匿名可访问
    @PreAuthorize("isAnonymous()")
    @RequestMapping("/m1")
    public String m1(){
        return "成功访问m1方法";
    }



    //必须拥有权限m2才可访问
    @PreAuthorize("hasAuthority('m2')")
    @RequestMapping("/m2")
    public String m2(){
        return "成功访问m2方法";
    }



    @PreAuthorize("hasAnyAuthority('m2','m3')")
    @RequestMapping("/m3")
    public String m3(){
        return "成功访问m3方法";
    }


}
